arcfour: greatly increase discard parameters

Okay, this thing got public so it's time to make the RC4 rugged. Not
that I'd know about something that would break current implementation,
but it's nice to at least do the recommended discard correctly.

We'll probably be adding better symmetric ciphers anyway.

Note that this is an incompatible change (again). FMTSeq private keys
will need to be replaced. Existing signature validity doesn't change.
Encrypted messages will not be possible to decrypt.

src/algos_enc.cpp

@@ -231,6 +231,8 @@ static bool message_unpad (std::vector<byte> in, bvector&out)
  * otherwise it probably fails. miserably.
  */
 
+#define arcfour_discard 4096
+
 template < class pubkey_type,
          int plainsize,
          int ciphersize,
@@ -294,7 +296,7 @@ static int fo_encrypt (const bvector&plain, bvector&cipher,
 		                               K.begin() + ( (i + 1) << 8) ) );
 		arc.load_key (subkey);
 	}
-	arc.discard (256);
+	arc.discard (arcfour_discard);
 	for (i = 0; i < M.size(); ++i) M[i] = M[i] ^ arc.gen();
 
 	//append the message part to the ciphertext
@@ -359,7 +361,7 @@ static int fo_decrypt (const bvector&cipher, bvector&plain,
 		                               K.begin() + ( (i + 1) << 8) ) );
 		arc.load_key (subkey);
 	}
-	arc.discard (256);
+	arc.discard (arcfour_discard);
 	//decrypt the message part
 	for (i = 0; i < M.size(); ++i) M[i] = M[i] ^ arc.gen();
 

src/fmtseq.cpp

@@ -35,7 +35,7 @@ void prepare_keygen (arcfour<byte>& kg, const std::vector<byte>&SK, uint idx)
 	}
 	tmp.resize (16, 0); //prevent chaining to other numbers
 	kg.load_key (tmp);
-	kg.discard (256);
+	kg.discard (4096);
 }
 
 static void add_zero_checksum (bvector& v)

src/generator.cpp

@@ -42,6 +42,6 @@ void arcfour_rng::seed (uint bits, bool quick)
 	f.close();
 
 	r.load_key (s);
-	r.discard (256);
+	r.discard (4096);
 }